From MozillaWiki
Jump to: navigation, search

This procedure will re-create the CentOS 5.0-based reference VM image. Internally, this VM is named CentOS-5.0-ref-tools-vm.


Things Done For You

Version 2

Install CentOS 5.0 from CDs

f749d7e17fa01604b9956304efba2333  CentOS-5.0-i386-bin-1of6.iso
963258ceafda5c5e6f79be86028b6b3d  CentOS-5.0-i386-bin-2of6.iso
a08ec9ccfdc89c24f3d6567219f90c42  CentOS-5.0-i386-bin-3of6.iso
b31c239009b780d1c89c311c192e43be  CentOS-5.0-i386-bin-4of6.iso
0c3990be2271bf44c1495aa0003b5552  CentOS-5.0-i386-bin-5of6.iso
9e6f91a5292f46b02777133765fc03fe  CentOS-5.0-i386-bin-6of6.iso

TB: Thunderbird build clients use a separate /buildbot partition of 80GB. Now that we reboot after each build, be sure to "tune2fs -c 0" the buildbot partition to avoid an fsck of it every 20 reboots.

Package Selection

The Easy Way: the installer kickstart file (stored in internal repo).

The Hard Way:

While installing, select a the GNOME Desktop and then select Custom package development; the following categories were selected:

  • Desktop Environments
    • Gnome Desktop Environment
  • Applications
    • Editors
    • Text-based internet
      • Add lynx
  • Development
    • Development Tools
    • Development Libraries
    • X Software Development
    • GNOME Software Development
    • Legacy Software Development
  • Servers
    • Turn all off, except for "Printing Support
  • Base System
    • Turn off Dialup Networking
    • Turn on System Tools

Some Sys-prepping

We have some scripts that do some of this: root, cltbld

On first boot, CentOS will ask some questions:

  • Turn the firewall off (we run our build machines on their own network, behind a firewall)
  • Disable SELinux
  • Enable NTP
  1. Login; install VMwareTools-3.0.1-32039.rpm
  3. add clock=pit and vdso=no lines to /boot/grub/grub.conf
  4. turn on syncTime in VMware config
  5. for s in auditd avahi-daemon acpid bluetooth cpuspeed hplip hidd mcstrans pcscd ntpd cups cups-config-daemon mdmonitor openibd smartd pcmcia isdn atd gpm anacron autofs apmd kudzu yum-updated; do chkconfig $s off; done
  6. chkconfig vncserver on
  7. Copy over cltbld's ssh keys from another tinderbox
  8. Edit /etc/mail/ and add as the "Smart Relay"
  9. rm /etc/sshd/ssh_host_*

Add the following lines to ~/.bash_profile

export CVS_RSH=ssh
export JAVA_HOME=/builds/jdk
export TBOX_CLIENT_CVS_DIR="/builds/tinderbox/mozilla/tools"

Install Sun Java JDK

Note: we should archive this binary somewhere

d916c24bed9eef7aebc2626115e14a11  jdk-1_5_0_10-linux-i586.bin
  • Save to /tools
cd /tools
chmod 0755 ./dist/jdk-1_5_0_10-linux-i586.bin 
# type 'yes' to accept the license
ln -s jdk1.5.0_10/ jdk

Make GCC 4.1 (redhat branch)

md5sum gcc-4.1.1-30.src.rpm
# 555b8cb95d3d7d851b2ebd5c3cec7837  
rpm2cpio gcc-4.1.1-30.src.rpm | cpio -i gcc-4.1.1-20061011.tar.bz2
tar xfvj gcc-4.1.1-20061011.tar.bz2 
mkdir gcc-obj-release
cd gcc-obj-release/

../gcc-4.1.1-20061011/configure --enable-long-long --enable-threads=posix --enable-__cxa_atexit --enable-languages=c,c++ --with-system-zlib --prefix=/tools/gcc-4.1.1 2>&1 | tee ../gcc-4.1.1-configure.log
make 2>&1 | tee ../gcc-4.1.1-make.log
make install 2>&1 | tee ../gcc-4.1.1-make_install.log

Build Python 2.5.1

(Some VMs use Python 2.5 or Python 2.4.4 but this is what is on the ref platform.)


tar xfvj dist/Python-2.5.1.tar.bz2 
cd Python-2.5.1/
./configure --prefix=/tools/python-2.5.1 2>&1 | tee /tools/dist/logs/python2.5.1-configure.log 
make 2>&1 | tee /tools/dist/logs/python2.5.1-make.log 
make install 2>&1 | tee /tools/dist/logs/python2.5.1-make_install.log
cd /tools/
ln -s python-2.5.1 python

Version 3

Make directories

 mkdir -p /tools/dist/logs
 mkdir -p /builds/logs

Initial Setup Steps

export PYTHONHOME="/tools/python"
export PATH="/tools/python/bin:$PATH"

Installing Zope Interface

cd /tools/dist/
tar xfvz zope.interface-3.3.0.tar.gz 
cd zope.interface-3.3.0/
python install --prefix=/tools/zope-interface-3.3.0
cd /tools; ln -s zope-interface-3.3.0 zope-interface
export PYTHONPATH="/tools/zope-interface/lib/python2.5/site-packages:$PYTHONPATH"

Installing Twisted

cd /tools/dist/
tar xfvj TwistedCore-2.4.0.tar.bz2 
tar xfvj Twisted-2.4.0.tar.bz2 
cd TwistedCore-2.4.0
python install --prefix=/tools/twisted-core-2.4.0
pushd /tools/; ln -s twisted-core-2.4.0 twisted-core; popd
export PYTHONPATH="/tools/twisted-core/lib/python2.5/site-packages:$PYTHONPATH"
cd /tools/dist/Twisted-2.4.0/
python install --prefix=/tools/twisted-2.4.0
cd /tools; ln -s twisted-2.4.0 twisted
export PYTHONPATH="/tools/twisted/lib/python2.5/site-packages/:$PYTHONPATH"

Version 4

Installing Mercurial

tar -zvxf mercurial-0.9.5.tar.gz
cd mercurial-0.9.5
export PYTHONHOME="/tools/python"
export PATH="/tools/python/bin:$PATH"
python install

Installing Scratchbox

As root:

chmod a+x ./
./ -s /scratchbox
/scratchbox/sbin/sbox_adduser cltbld yes

As cltbld:
Comment out the PYTHONHOME and PATH entries in ~/.bash_profile.

source ~/.bash_profile
chmod +x
tar -xzvf libIDL-0.8.9.tar.gz
cd libIDL-0.8.9
./configure --prefix=/usr
make install

Remove the comments from the PYTHONHOME and PATH entries in ~/.bash_profile and source it again.

Installing Nagios NRPE Daemon

rpm --nodeps -i *.rpm
chkconfig --level 235 nrpe on
# todo: make sure this is right after configs get checked in
cvs -d co -d nagios mozilla/tools/nagios
mv nagios/nrpe-linux.cfg /etc/nagios/nrpe.cfg

Installing Autoconf 2.13

bug 433492 added autoconf 2.13 on 30/June/2008, which puts it somewhere between version 4 and 5.

sudo yum install autoconf213

Version 5

Fixup Scratchbox Install

On Centos5, need to make the following changes to sysctl.conf

 $ su 
 # vi /etc/sysctl.conf
...and append
vm.vdso_enabled = 0
vm.mmap_min_addr = 4096 
 # /sbin/sysctl -p
vm.vdso_enabled = 0 
vm.mmap_min_addr = 4096
 # exit

...there is no need to reboot.

su -
cd ~ 
cd /
tar zxvf ~/scratchbox-toolchain-cs2007q3-glibc2.5-arm6-1.0.7-3-i386.tar.gz
tar zxvf ~/scratchbox-devkit-cputransp-1.0.7-i386.tar.gz
cd /scratchbox
chmod a+x moz_scratchbox

cd /scratchbox/etc
mv resolv.conf resolv.conf.orig
cp /etc/resolv.conf .

# exit from running as root, now back to cltbld account.

sb-conf setup CHINOOK-ARMEL-2007 -c cs2007q3-glibc2.5-arm6 -d cputransp:debian-etch:doctools:maemo3-tools:perl -t /scratchbox/devkits/cputransp/bin/qemu-arm-cvs-m
sb-conf rootstrap CHINOOK-ARMEL-2007
sb-conf install CHINOOK-ARMEL-2007 -cedFGS
sb-conf select CHINOOK-ARMEL-2007


chmod +x
## following line failed out with permission errors
## sh ./ 
## so did the following instead:
$ su -
# cd /scratchbox
# sh /home/cltbld/

Note: you'll have to space/more to the end of the EULA, and then enter 'I accept'


chmod a+x execstack.armel
fakeroot mv execstack.armel /usr/bin/execstack
execstack -c `find /lib/ -name \*.so.\* -type f`
execstack -c `find /usr/lib/ -name \*.so.\* -type f`
fakeroot echo "deb chinook free non-free" >> /etc/apt/sources.list
fakeroot echo "deb file:/home/$USER/maemo-sdk-nokia-binaries_4.0.1 chinook explicit" >> /etc/apt/sources.list
fakeroot apt-get update
fakeroot apt-get install libgtk2.0-dev libxaw7-dev libfreetype6-dev libxi-dev libhildonmime-dev libosso-dev libidl-dev liblocation-dev libasound2-dev


Path Setup

Add the appropriate paths to the cltbld user's .bash_profile

export PYTHONHOME="/tools/python"
export PYTHONPATH="/tools/buildbotcustom:/tools/buildbot/lib/python2.5/site-packages:/tools/twisted/lib/python2.5/site-packages:/tools/twisted-core/lib/python2.5/site-packages:/tools/zope-interface/lib/python2.5/site-packages/"
export PATH="/opt/local/bin:/tools/buildbot/bin:/tools/twisted/bin:/tools/twisted-core/bin:$PYTHONHOME/bin:$PATH"

Compiler Setup

Symlink gcc-4.1.1 to gcc in /tools:

cd /tools
ln -s gcc-4.1.1 gcc

Version 6

Move scratchbox

You should have a /builds drive added to the VM before completing this section. All of this should be run as root.

Move scratchbox off root partition. Scratchbox takes up a non-trivial amount of space and should be moved to a different partition.

  # as root
  /etc/init.d/sbox stop
  umount /scratchbox/users/cltbld/dev/*	
  umount /scratchbox/users/cltbld/*
  mv /scratchbox /builds/scratchbox
  # scratchbox needs this symlink to function properly
  ln -s /builds/scratchbox /scratchbox
  /etc/init.d/sbox start

To verify that scratchbox is working, do:

$ moz_scratchbox
> ls
> exit

Version 7

20090112 16:30 PST

metacity / Xvfb crontabs

Add the following to cltbld's crontab:

# Make sure Xvfb is running on :2
@reboot     ps -C Xvfb | grep -q Xvfb || exec Xvfb :2 -screen 0 1280x1024x24 &
*/5 * * * * ps -C Xvfb | grep -q Xvfb || exec Xvfb :2 -screen 0 1280x1024x24 &

# Make sure metacity is running on :2
@reboot     ps -C metacity -f | grep -q :2 || exec metacity --display :2 --replace &
*/5 * * * * ps -C metacity -f | grep -q :2 || exec metacity --display :2 --replace &

Version 8

20090122 9:30 PST

upgraded mercurial to 1.1.2

Updating to newer mercurial version using this script:


pushd /tools
tar -zxvf mercurial-1.1.2.tar.gz
cd mercurial-1.1.2
export PYTHONHOME="/tools/python"
export PATH="/tools/python/bin:$PATH"
python install
rm -rf /tools/mercurial-1.1.2*

echo "Hg update complete"

Version 9

20090128 18:15 PST

install libnotify-devel rpm

If yum-utils are not installed yet, do the following:

rpm -ivh yum-utils-1.0.4-3.el5.centos.2.noarch.rpm

Developer requested devel package for libnotify bug 473831

# root
yumdownloader libnotify-devel-0.4.2-6.el5
rpm -ivh libnotify-devel-0.4.2-6.el5.i386.rpm
yum list installed | grep libnotify
 libnotify.i386                 0.4.2-6.el5            installed       
 libnotify-devel.i386           0.4.2-6.el5            installed

Version 10

Buildbot init scripts

cd /builds
mkdir slave
su -
cd /etc/default
wget -Obuildbot
cd /etc/init.d
wget -Obuildbot
chmod +x buildbot
chkconfig --add buildbot
/etc/init.d/buildbot start
sudo -e /etc/sudoers
# Add 'cltbld ALL=NOPASSWD: /usr/bin/reboot' as the last line, save and exit

Update scratchbox mercurial and python

First, fix the DNS in scratchbox.

cp /etc/resolv.conf /scratchbox/users/cltbld/targets/CHINOOK_X86/etc/resolv.conf
cp /etc/resolv.conf /scratchbox/users/cltbld/targets/CHINOOK_ARMEL/etc/resolv.conf
cp /etc/resolv.conf /scratchbox/users/cltbld/targets/CHINOOK-ARMEL-2007/etc/resolv.conf

Allow cltbld to write to the tool areas

su -
chown -R cltbld /scratchbox/devkits/maemo3-tools

Initial setup

tar zxvf mercurial-1.1.2.tar.gz
echo 'export PYTHONPATH=/usr/lib/python2.5/site-packages:$PYTHONPATH' >> .bashrc

Do the following for CHINOOK_X86, while still running /scratchbox/moz_scratchbox:

sb-conf select CHINOOK_X86
echo 'deb bora free' >> /etc/apt/sources.list
apt-get update
yes | apt-get install python2.5 python2.5-dev python2.5-xml
cd /usr/bin
rm python; ln -s python2.5 python
cd ~/mercurial-1.1.2
python2.5 install
cd /scratchbox/devkits/maemo3-tools/bin
mv hg hg.old
mv hgmerge hgmerge.old
ln -s /usr/bin/hg .
hg --version

The hg --version should give you no errors.

Repeat for CHINOOK_ARMEL... but I was unsuccessful getting hg 1.1.2 installed/working there.

sb-conf select CHINOOK_ARMEL
echo 'deb bora free' >> /etc/apt/sources.list
apt-get update
yes | apt-get install python2.5 python2.5-dev python2.5-xml
cd /usr/bin
rm python; ln -s python2.5 python

Repeat for CHINOOK-ARMEL-2007.

sb-conf select CHINOOK-ARMEL-2007
echo 'deb bora free' >> /etc/apt/sources.list
apt-get update
yes | apt-get install python2.5 python2.5-dev python2.5-xml
cd /usr/bin
rm python; ln -s python2.5 python
cd ~/mercurial-1.1.2
python2.5 install
hg --version
rm -rf mercurial-1.1.2*

Version 11

ESD Wrapper script

Because of bug 469635 we need to wrap the esd binary to toss out stderr.

cd /usr/bin
mv esd esd.real
wget -Oesd
chmod +x esd

Version 12

Install libxdamage-dev and libxcomposite-dev in Scratchbox

sb-conf select CHINOOK_X86
apt-get install --force-yes -y libxdamage-dev libxcomposite-dev
sb-conf select CHINOOK_ARMEL
apt-get install --force-yes -y libxdamage-dev libxcomposite-dev
sb-conf select CHINOOK-ARMEL-2007
apt-get install --force-yes -y libxdamage-dev libxcomposite-dev

Version 13

Install libhildon1-dev to scratchbox

apt-get install --force-yes -y libhildon1-dev

Version 14

Disable Xvnc and some cronjobs

The updatedb cronjob manages the 'locate' database, which we do not use, and causes increased load every night at 4am PDT. The 'prelink' cronjob prelinks binaries for faster loading. This probably doesn't help build times in any significant way because we call the same binaries over and over during the build process. The Xvnc session is totally unused. To disable them, do the following:

# as root
chkconfig vncserver off
cd /etc/cron.daily
mv mlocate.cron ~/
mv prelink ~/

Version 15

Install code coverage tools

Installed lcov from

# as root
rpm -i lcov-1.7-1.noarch.rpm

Copied genhtml and geninfo from /usr/bin into /usr/local/bin, and replaced all instances of 'die' with 'print'

# as root
cp /usr/bin/genhtml /usr/bin/geninfo /usr/local/bin
sed -i 's,die,print,g' /usr/local/bin/genhtml
sed -i 's,die,print,g' /usr/local/bin/geninfo

Install jscoverage into /usr/local/bin

# as root
tar jxf jscoverage-0.4.tar.bz2
cd jscoverage-0.4
cp jscoverage jscoverage-server /usr/local/bin

Version 16

Install wireless tools

As root,

yum -y install wireless-tools-devel

Version 17

Add noatime option

Edit /etc/fstab so that the mount options for / and /builds are 'defaults,noatime'.

You don't have to reboot for these changes to take effect, instead you can do,

mount / -o remount,noatime
mount /builds -o remount,noatime

Version 18

Install libnotify for scratchbox

apt-get install --force-yes -y libnotify-dev

Version 19

Fix scratchbox wireless devel

/scratchbox/moz_scratchbox -p 'apt-get install --force-yes -y libiw-dev'

Version 20

Install Puppet

Install EPEL

As root,

rpm -Uvh

Move the JDK

To make the Puppet manifests a bit easier to manage we need to move the JDK to be in the same format as the other tools dirs (/tools/$name-$version):

# as root
cd /tools
mv jdk1.5.0_10 jdk-1.5.0_10
rm -f jdk
ln -s jdk-1.5.0_10 jdk

Mount the file share

Mount the puppet-files directory by adding an entry to fstab:

# IP is for regular build slaves and for try
$IP:/export/buildlogs/puppet-files /N   nfs	ro	0 0

And then run,

mkdir /N
mount -a

to mount it.

Install Puppet

yum install ruby facter puppet ruby-shadow augeas-libs ruby-augeas

Now, we need to run puppet once and sign its cert on the puppetmaster

# On the client
# $hostname == staging-puppet or production-puppet
puppetd --test --server $

You should get a message like "notice: Set to run 'one time'; exiting with no certificate". Sign it on the puppetmaster as follows:

# root @ staging-puppet or production-puppet
puppetca --sign $

Setup the sysconfig file:

  • Open /etc/sysconfig/puppet in an editor
  • replace 'puppet' with

Post-puppet packages

Since the deployment of Puppet, future changes to the ref platform are management by it. Because of this, providing _exact_ installation instructions can be tricky. All of the packages listed below are installed on the ref platform and some installation guidelines are provided. Looking at the puppet-manifests repository may help if you are having trouble.


GCC 4.3.3

GCC 4.3.3 was installed alongside the other GCC for use on newer branches:

  • Get and unpack it to /tools/gcc-4.3.3/source
  • Pull the patch series from
  • Apply the following patches to the GCC sources using git-apply (patch -p1 will probably work as well):
    • gty.diff
    • plugin.diff
    • parm_attrs.diff
    • c_process_decl.diff
  • mkdir /tools/gcc-4.3.3/build
  • cd /tools/gcc-4.3.3/build
  • /tools/gcc-4.3.3/source/configure --prefix=/tools/gcc-4.3.3/installed --enable-__cxa_atexit --enable-languages=c,c++
  • make install
  • The static analysis will require all of /tools/gcc-4.3.3 including the source/build/installed subdirectories


Installed inside of scratchbox with the following command:

su - cltbld -c '/scratchbox/moz_scratchbox -p apt-get --yes --force-yes install libhildonfm2-dev


Installed inside of scratchbox with the following command:

su - cltbld -c '/scratchbox/moz_scratchbox -p apt-get --yes --force-yes install libconic0-dev'

access keys from within scratchbox

/bin/mount --bind /scratchbox/users/cltbld/home/cltbld/.ssh /home/cltbld/.ssh/

Upgrade Scratchbox

Roughly, the Scratchbox upgrade was done with the following set of commands:

su -
export PATH=/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/home/cltbld/bin
umount /home/cltbld/.ssh #until no longer mounted
umount /builds/slave #might not be mounted
/scratchbox/sbin/sbox stop
sh -U -s /scratchbox
/etc/init.d/sbox start
sh -y -d -s /scratchbox
echo deb<token> nokia-binaries >> /etc/apt/sources.list
fakeroot apt-get install autoconf2.13 libnotify-dev libIDL-dev libqt4-dev
sb-conf select FREMANTLE_ARMEL
tar jxf Python-2.5.5.tar.bz2
cd Python-2.5.5
CC='host-gcc' --prefix=/usr/local
make -j4
openssl md5 openssl-0.9.8m.tar.gz Python-2.5.5.tar.bz2 
#MD5(openssl-0.9.8m.tar.gz)= 898bf125370926d5f692a2201124f8ec
#MD5(Python-2.5.5.tar.bz2)= 1d00e2fb19418e486c30b850df625aa3
tar jxf Python-2.5.5.tar.bz2
tar zxf openssl-0.9.8m.tar.gz
cd openssl-0.9.8m
CC=host-gcc CXX=host-g++ ./config shared --prefix=/usr/local
make -j4
make install
cd Python-2.5.5
CC=host-gcc CXX=host-g++ ./configure --prefix=/host_usr
make -j4
make altinstall
find /usr/local -name "*.so*" -exec ldd {} \; | grep "not found" # should have no output

Post-Install Setup

Post-install instructions are written for the latest version.

Add slave(s) to configuration files

The following files need to be updated with new slaves (note that the production Buildbot config is explicitly not updated here, it will be done later):

  • For a permanent staging slave - edit /etc/sysconfig/puppet to staging-puppet

Once your patches have landed, you need to update the following checkouts:

  • On staging-master:
# as cltbld
cd /builds/buildbot/user-configs/clean-configs
hg pull && hg up
cd ../../user-configs2/clean-configs
hg pull && hg up
  • On production-puppet (or staging-puppet if you updated site-staging.pp):
# as root
cd /etc/puppet/manifests
hg pull && hg up
  • If a machine has been recloned/replaced then you also do this as root@production-puppet
puppetca --clean

Buildbot Setup

The buildbot.tac file will automatically be generated to send the slave to the correct staging master (staging-master or sm-staging-try-master).

Run the slave through staging

see ReleaseEngineering:BuildSlaveSetup